Commit graph

1563 commits

Author SHA1 Message Date
ArthurHoaro
d06265fb57 Unit tests for Router and PluginManager. 2015-11-07 15:27:22 +01:00
ArthurHoaro
567967fdf9 Template upgrade to handle plugin zones
Add a bunch of plugin placeholders in templates
2015-11-07 15:27:22 +01:00
ArthurHoaro
0aec972a8b Plugins TODO.md 2015-11-07 15:27:22 +01:00
ArthurHoaro
6fc14d5303 Plugin system - CORE
see shaarli/Shaarli#275
2015-11-07 15:27:17 +01:00
ArthurHoaro
d01c234235 Fixes #356
* adding a link should return added link's hash
* allow redirection relative urls in generateLocation
2015-11-04 19:53:59 +01:00
VirtualTam
38bedfbbcd Bump version to 0.5.4
Fixes:
 - PHP session IDs: handle hash algorithms and bits per char representations

Minor changes:
 - HTTPS: support being served behing an SSL-enabled proxy
 - HTTP/Server utilities: refactor & add test coverage

Project & documentation:
 - improve/rewrite `README.md`
 - update contributor list
 - update `index.php` header

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 21:02:52 +02:00
VirtualTam
49e2b35b4a Update project information: contributors, index.php header
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:54:13 +02:00
VirtualTam
4df3520d6e Merge pull request #346 from virtualtam/refactor/http-url-utils
HTTP: move server URL functions to `HttpUtils.php`
2015-09-14 20:40:41 +02:00
VirtualTam
482d67bd52 HTTP: move server URL functions to HttpUtils.php
Relates to #333

Modifications:
 - refactor server URL utility functions
 - do not access global `$_SERVER` variables
 - add test coverage
 - improve readability
 - apply coding conventions

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-14 20:27:16 +02:00
Fanch
7b114771d3 SSL detection: add support for X-Forwarded-Proto
Duplicates #332

See:
 - RFC 7239 - Forwarded HTTP Extension
   http://www.ietf.org/rfc/rfc7239.txt
 - RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
   http://www.ietf.org/rfc/rfc6648.txt
 - StackOverflow - Custom HTTP headers: naming conventions
   http://stackoverflow.com/a/3561399
2015-09-13 21:17:01 +02:00
VirtualTam
ce47a75864 Merge pull request #337 from doc75/doublon_url
#325 small enhancement to fix the GetLinkFromUrl method
2015-09-08 22:03:18 +02:00
Guillaume Virlet
ef591e7ee2 Url: introduce global helper functions for cleanup and scheme detection
Relates to #314 & #326

Additions:
 - add global `cleanup_url()` and `get_url_scheme()` functions

Modifications:
 - replace `Url` usage in `index.php` by calls to global functions
 - fix `Url` tests not being run: PHPUnit expects a single test class per file
   - move classes to separate files
2015-09-08 22:00:37 +02:00
VirtualTam
0a813cfd7c Merge pull request #334 from virtualtam/refactor/http-utils
HTTP: move utils to a proper file, add tests
2015-09-06 20:32:01 +02:00
VirtualTam
451314eb48 HTTP: move utils to a proper file, add tests
Relates to #333

Modifications:
 - move HTTP utils to 'application/HttpUtils.php'
 - simplify logic
   - replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
   - remove superfluous '$status' parameter (provided by the HTTP headers)
 - apply coding conventions
 - add test coverage (unitary only)

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 19:30:26 +02:00
VirtualTam
f5d6b19b73 Merge pull request #338 from virtualtam/fix/unique-uniqid
Session ID: extend the regex to match possible hash representations
2015-09-06 16:16:53 +02:00
VirtualTam
68bc21353a Session ID: extend the regex to match possible hash representations
Improves #306
Relates to #335 & #336
Duplicated by #339

Issues:
 - PHP regenerates the session ID if it is not compliant
 - the regex checking the session ID does not cover all cases
   - different algorithms: md5, sha1, sha256, etc.
   - bit representations: 4, 5, 6

Fix:
 - `index.php`:
   - remove `uniqid()` usage
   - call `session_regenerate_id()` if an invalid cookie is detected
 - regex: support all possible characters - '[a-zA-Z,-]{2,128}'
 - tests: add coverage for all algorithms & bit representations

See:
 - http://php.net/manual/en/session.configuration.php#ini.session.hash-function
 - https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
 - http://php.net/manual/en/function.session-id.php
 - http://php.net/manual/en/function.session-regenerate-id.php
 - http://php.net/manual/en/function.hash-algos.php

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 16:14:24 +02:00
VirtualTam
a02257b8ae Merge pull request #344 from virtualtam/copying
COPYING: update contributor list
2015-09-06 04:07:28 +02:00
VirtualTam
db5453e4b6 COPYING: update contributor list
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 03:07:25 +02:00
VirtualTam
cd5c102892 Update README.md 2015-09-06 02:22:52 +02:00
VirtualTam
6f2309aa08 Merge pull request #343 from virtualtam/readme
Rewrite README.md
2015-09-06 02:16:39 +02:00
VirtualTam
e9b80e7272 Rewrite README.md
Modifications:
 - group content in sections
 - homogenize formatting
 - replace installation instructions by links to the corresponding wiki pages
 - update badges
   - use http://shields.io/ to generate SVGs with custom labels
   - master branch: update Travis label
   - stable branch: add Travis status
   - GitHub release: display the latest released version

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-06 02:04:31 +02:00
VirtualTam
bb91a8c6e8 Merge pull request #340 from virtualtam/doc/update
Doc: sync from Wiki, generate HTML
2015-09-04 21:35:27 +02:00
VirtualTam
f8b936e7e7 Doc: sync from Wiki, generate HTML
Additions:
 - Installation/Download: how to get Shaarli
 - Community software: ShaarliOS app

Modifications:
 - Installation/Server requirements: PHP 5.4 EOL, PHP 7 announcements
 - Installation/Server configuration: improve Nginx security
 - Troubleshooting: PHP sessions on `free.fr`

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-09-04 21:32:25 +02:00
ArthurHoaro
ce8c4a84ba Bump version to v0.5.3
Fixes a bug that could prevent user to login.
2015-09-02 18:06:21 +02:00
Arthur
67ee1435f8 Merge pull request #336 from ArthurHoaro/login-hotfix
Allow uppercase letters in PHP sessionid format
2015-09-02 17:55:11 +02:00
ArthurHoaro
4d30975a06 Allow uppercase letters in PHP sessionid format
Fixes shaarli/Shaarli#335 - Wrong login/password since v0.5.2

Regression introduced in 06b6660a7e
2015-09-02 17:00:38 +02:00
VirtualTam
53cc2b93b8 Bump version to 0.5.2
Minor changes
 - fix Full Path Disclosure upon cookie forgery
 - fix regression preventing to load LinkDB info when adding an existing link
 - also extract HTTPS page metadata (title)
 - add PHP 7 to Travis platforms

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-31 20:39:27 +02:00
VirtualTam
6211c498f6 Merge pull request #326 from ArthurHoaro/bug-url
Fixes #325 - Shaarli does not recognize saved links
2015-08-31 20:31:41 +02:00
ArthurHoaro
26c503460c Add HTTPS support for title extracting feature 2015-08-31 12:30:59 +02:00
ArthurHoaro
9e1724f192 Fixes #325 - Shaarli does not recognize saved links
PHP doesn't seem to autoconvert objects to strings when they're use as array indexes.

Fixes regression introduced in d9d776af19
2015-08-31 12:26:38 +02:00
VirtualTam
ce8e248ab0 Merge pull request #306 from ArthurHoaro/fpd
Avoid Full Path Disclosure error on session error.
2015-08-24 21:25:33 +02:00
VirtualTam
b5d96e9b1f Merge pull request #327 from virtualtam/travis/php7
travis: add PHP 7 to the tested environments
2015-08-24 00:30:05 +02:00
ArthurHoaro
06b6660a7e Avoid Full Path Disclosure error on session error.
* Add a function to validate session ID.
  * Generate a new session ID if an invalid token is passed.
2015-08-22 10:10:55 +02:00
VirtualTam
bdf4f78519 travis: add PHP 7 to the tested environments
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-22 00:09:46 +02:00
VirtualTam
d7efade5d6 Bump version to 0.5.1
Minor changes
 - fix 404 after editing a link while being logged out
 - update local documentation
 - improve timezone detection at installation
 - improve feed cache handling
 - improve URL cleanup for new links
 - add a link to the shaarli/shaarli DockerHub repository

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-18 00:36:55 +02:00
VirtualTam
6335a0fc0c Doc: sync from Wiki, generate HTML
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-18 00:33:25 +02:00
VirtualTam
f8bf8d8e59 Merge pull request #314 from shaarli/clean-utm_term
clean utm_term url parameter
2015-08-16 23:01:54 +02:00
VirtualTam
c622d32820 README: add DockerHub badge
See [docker-shaarli](https://github.com/shaarli/docker-shaarli) for Dockerfiles and documentation
2015-08-16 14:50:16 +02:00
VirtualTam
d9d776af19 Links: refactor & improve URL cleanup
Relates to #141
Relates to #133

Modifications
 - move URL cleanup to `application/Url.php`
 - rework the cleanup function
   - fragments: `#stuff`
   - GET parameters: `?var1=val1&var2=val2`
 - add documentation (APIs the params belong to)
 - add test coverage

Reference
 - http://php.net/parse_url
 - http://php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-15 15:58:38 +02:00
VirtualTam
a3b1b4ae70 Merge pull request #309 from virtualtam/refactor/PageCache
CachedPage: move to a proper file, add tests
2015-08-13 23:54:26 +02:00
VirtualTam
aedd62e2b8 Cache: simplify cached content cleanup, improve tests
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-13 23:51:31 +02:00
VirtualTam
01e48f269d CachedPage: move to a proper file, add tests
Modifications
 - rename `pageCache` to `CachedPage`
 - move utilities to `Cache`
 - do not access globals
 - apply coding rules
 - update LinkDB and test code
 - add test coverage

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-13 23:48:06 +02:00
VirtualTam
5ac5349ac0 Merge pull request #301 from ArthurHoaro/edit-link-redirect
Fixes #299: prevent 404 on '?edit_link' while logged out
2015-08-13 23:47:05 +02:00
ArthurHoaro
5fbabbb9be Fixes #299: prevent 404 on '?edit_link' while logged out
- add a use case for edit_link in logged out part.
 - *really* prevent loops on login screen.
2015-08-07 16:26:38 +02:00
VirtualTam
b282fffa23 Merge pull request #313 from virtualtam/install/timezone
Installation: default to the server's timezone
2015-08-05 16:34:40 +02:00
VirtualTam
afd7b77b4c Installation: default to the server's timezone
Modifications
 - attempt to use the server's timezone
 - if none is set, use UTC
 - TimeZone: apply coding conventions
   - variable naming
   - no closing PHP tag

Relates to #274

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-04 23:54:03 +02:00
VirtualTam
27cf2e671d Merge pull request #294 from virtualtam/doc/update
Doc: sync from Wiki, generate HTML
2015-08-04 16:07:13 +02:00
VirtualTam
992af0b9d7 Doc: sync from Wiki, generate HTML
Closes #291
Fixes #227

Modifications
 - HTML content: match the new Wiki structure
 - Makefile
   - generate a custom HTML sidebar
   - include the sidebar on all pages
   - infer and prepend page titles
   - handle relative links
   - add title metadata, e.g. Shaarli - <Page Name>

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2015-08-04 16:02:21 +02:00
VirtualTam
96db105e4c Merge pull request #276 from virtualtam/tools/phpcs
Add a generic rule to run PHPCS against different coding standards
2015-07-31 16:08:32 +02:00
VirtualTam
a421aeea66 Merge pull request #303 from virtualtam/v0.5.0
Bump version to 0.5.0
2015-07-30 11:43:43 +02:00